<?php


class PersonApiSso
{
    use util_array;
    const SSO_SECRET = '84d1baf3f653b45b13e92b9481464568';
    const SSO_APPID = 40;

    const DEV_SSO_URL = 'http://test-roster.i.trpcdn.net';
    const PROD_SSO_HOST_URL= "http://roster.baishancloud.com";
    const PROD_SSO_URL = 'http://218.85.120.194:5480';


    private static function getSign(array $params)
    {
        ksort($params);                     //PHP ksort函数
        $code = http_build_query($params);  //url编码并生成query字符串
        $dataSalt = sha1($code);

        $secret = self::SSO_SECRET; //SSO提供给平台的密钥
        $ssoSecret = 'bShsS0';  //固定值
        $_sign = md5($dataSalt . $secret . $ssoSecret);
        return substr($_sign, 5, 24);
    }

    public static function getUsers($name = null)
    {
        $url = self::getUrl('user');
        $headers = array();
        if (SYS_ENV == 'prod') {
            $headers['host'] = 'roster.baishancloud.com';
        }
        if (!empty($name)) {
            $url = $url . '/'. $name;
        }
        $params = array();
        $params['appId'] = self::SSO_APPID;
        $sign = self::getSign($params);
        $appid = self::SSO_APPID;
        $queryStr = http_build_query(['appId' => $appid, 'sign' => $sign]);
        $url .= ('?' . $queryStr);
        $resp = Curl::get($url, [], $headers);
        $contentstr = self::util_array_get($resp, 'content', null);
        if ($contentstr == null) {
            $content = [];
        } else {
            $content = json_decode($contentstr, true);
        }
        if (self::util_array_get($content, 'code', null) === 0) {
            $users = self::util_array_get($content, 'data', []);
        } else {
            $users = [];
            Yii::log('response failed :' . $contentstr, CLogger::LEVEL_ERROR, __METHOD__);
        }
        return is_array($users) ? $users : json_decode($users, true);
    }

    public static function auth($ticket = null)
    {
        $user = array();
        if (empty($ticket)) {
            return $user;
        }
        $url = self::getUrl('auth');
        $headers = array();
        if (SYS_ENV == 'prod') {
            $headers['host'] = 'roster.baishancloud.com';
        }
        $params = array();
        $params['appId'] = self::SSO_APPID;
        $params['ticket'] = $ticket;
        $sign = self::getSign($params);
        $params['sign'] = $sign;
        $resp = Curl::post($url, $params, [], $headers);
        $contentstr = self::util_array_get($resp, 'content', null);
        if ($contentstr == null) {
            $content = [];
        } else {
            $content = json_decode($contentstr, true);
        }
        if (self::util_array_get($content, 'code', null) === 0) {
            $user = self::util_array_get($content, 'data', []);
        } else {
            $user = [];
            Yii::log($contentstr, CLogger::LEVEL_ERROR, __METHOD__);
        }
        return $user;
    }

    public static function getUrl($type,$domain = null)
    {
        $url = '';
        $domain = SYS_ENV =='prod'?(empty($domain)?self::PROD_SSO_URL:$domain):self::DEV_SSO_URL;
        switch ($type) {
            case 'ssoLogin':
                $url = $domain.'/staff-center?appId=' . self::SSO_APPID;
                break;
            case 'auth':
                $url = $domain.'/staff/account/user';
                break;
            case 'user':
                $url = $domain.'/api/users';
                break;
            case 'ssoLogout':
                $url = $domain . '/staff/account/logout?appId=' . self::SSO_APPID;
                break;
        }
        return $url;
    }


}